Fix commit-reminder blocking and test-runner tmp file mismatch

[AnExiledDev]

Summary

• Commit reminder (session-context) was using decision: "block" on every stop, forcing Claude to continue and hound the user about committing — sometimes auto-committing. Now uses advisory systemMessage with tiered logic: meaningful changes (3+ files, 2+ source files, or test files) get a suggestion; small changes are silent. Only fires when the session actually edited files via a new PostToolUse edit tracker.
• Advisory test runner (auto-code-quality) was reading from /tmp/claude-edited-files-{session_id} but the collector writes to /tmp/claude-cq-edited-{session_id} — prefix mismatch meant it never found edited files. Fixed to read from the correct prefix.

Test plan

• Start a session, make no edits → stop → commit reminder should NOT fire
• Edit 3+ files → stop → should see advisory systemMessage (not decision: block)
• Edit 1 config file only → stop → commit reminder should be silent
• Edit a test file → stop → should see advisory message
• Verify Claude does NOT auto-commit or repeatedly ask about committing
• Verify advisory-test-runner reads from claude-cq-edited prefix

Summary by CodeRabbit

• New Features

  • Added session edit tracking (new PostToolUse hook + edit-collector) to detect actual file modifications and avoid false reminders.

• Bug Fixes

  • Fixed temp-file prefix mismatch so the auto code quality advisory runner correctly locates edited files.

• Refactor

  • Commit reminder now emits a non-blocking advisory wrapped as a system message and uses tiered logic to trigger only for meaningful edits (3+ files, 2+ source files, or tests).

• Documentation

  • Updated Session Context and Auto Code Quality READMEs to reflect new hooks, edit-tracking, and behavior changes.

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds edit-tracking via a new PostToolUse hook and collect-session-edits.py, refactors the commit reminder to emit an advisory systemMessage only for meaningful edits, and fixes the auto-code-quality temp-file prefix to a unified claude-cq-*.

Changes

Cohort / File(s)	Summary
Changelog \.devcontainer/CHANGELOG.md	Documents plugin updates: edit tracking, commit reminder behavior changes, and auto-code-quality temp-file prefix fix.
Session Context — Hooks & Collector .devcontainer/plugins/devs-marketplace/plugins/session-context/hooks/hooks.json, .devcontainer/plugins/devs-marketplace/plugins/session-context/scripts/collect-session-edits.py	Adds PostToolUse hook (matcher: "Edit
Session Context — Commit Reminder .devcontainer/plugins/devs-marketplace/plugins/session-context/scripts/commit-reminder.py	Reads per-session edits, classifies source/test files, applies a tiered "meaningful edits" rule (3+ files, 2+ source files, or any test files), and emits an advisory wrapped in <system-reminder>/systemMessage instead of blocking.
Session Context — Documentation .devcontainer/plugins/devs-marketplace/plugins/session-context/README.md	Updated to describe the new PostToolUse phase, the collect-session-edits script, revised commit-reminder flow, and hook lifecycle/timeouts.
Auto Code Quality — Temp File Prefix .devcontainer/plugins/devs-marketplace/plugins/auto-code-quality/scripts/advisory-test-runner.py, .devcontainer/plugins/devs-marketplace/plugins/auto-code-quality/README.md	Fixes temp file prefix to claude-cq-edited-{session_id} in the test runner and aligns README guidance to use the unified claude-cq-* prefix.

Sequence Diagrams

sequenceDiagram
    participant User as Editor/Session
    participant Hook as PostToolUse Hook
    participant Collector as collect-session-edits.py
    participant TempFile as /tmp/claude-session-edits-{id}
    participant StopHook as Stop Hook (commit-reminder.py)
    participant Git as Git

    User->>Hook: finish edit
    Hook->>Collector: invoke (stdin JSON with session_id, file_path)
    Collector->>Collector: parse & validate
    Collector->>TempFile: append edited path
    Collector-->>Hook: exit 0

    Note over StopHook: On Session Stop
    StopHook->>TempFile: read collected edits
    StopHook->>StopHook: classify files (source/test) & evaluate meaningfulness
    alt meaningful edits
        StopHook->>Git: check uncommitted changes
        Git-->>StopHook: status
        StopHook->>User: emit advisory wrapped in <system-reminder>
    else small/no edits
        StopHook-->>User: silent (no output)
    end

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~50 minutes

Poem

🐇 I hop and note each edited line,

tmp files store the session's sign,
Reminders whisper when changes grow,
Silent for tweaks, loud when they show,
A tidy trail where devs can shine ✨

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 66.67% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Description check	❓ Inconclusive	The PR description provides a clear summary of changes, includes a comprehensive test plan with specific checkboxes, but does not follow the provided template structure with explicit sections for Description, Related Issue, Type of Change, and Checklist.	Consider restructuring the description to match the template: add explicit 'Description', 'Related Issue', 'Type of Change', and 'Checklist' sections with the appropriate checkboxes marked.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely summarizes the two main bug fixes in the PR: the commit-reminder blocking issue and the test-runner tmp file prefix mismatch.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch fix/stop-hook-bugs

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (2)

.devcontainer/CHANGELOG.md (1)

5-5: Consider consolidating duplicate ### Fixed sections under one Unreleased heading.

There are multiple top-level ### Fixed blocks in ## [Unreleased]. Merging them into a single ### Fixed section with #### sub-headings will keep the changelog structure cleaner and consistent.

As per coding guidelines: "Group changelog entries under the appropriate ### Added, ### Changed, ### Fixed, or ### Removed heading" and "Use sub-headings (####) in CHANGELOG to organize by area".

Also applies to: 63-63, 128-128

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.devcontainer/CHANGELOG.md at line 5, Consolidate the duplicate "### Fixed"
headings in the "## [Unreleased]" section into a single "### Fixed" block: move
all individual fixed entries under that one heading and group related items with
"#### <area>" sub-headings (e.g., backend, docs, devcontainer) so each former
"### Fixed" becomes a "####" subsection; ensure no other top-level duplicate
"### Fixed" headings remain in the file and preserve all existing bullet entries
under the new organized structure.

.devcontainer/plugins/devs-marketplace/plugins/session-context/scripts/commit-reminder.py (1)

21-28: Consider whether common extensions are missing from SOURCE_EXTS.

The extension list looks comprehensive for most use cases. You might consider adding .cs (C#), .swift, or .php if those are common in your user base, but this can be deferred.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
@.devcontainer/plugins/devs-marketplace/plugins/session-context/scripts/commit-reminder.py
around lines 21 - 28, SOURCE_EXTS currently omits some common language
extensions; update the frozenset named SOURCE_EXTS to include additional
extensions such as ".cs", ".swift", and ".php" (and any others relevant to your
codebase) so those files are treated as source code, and optionally add a short
comment above SOURCE_EXTS explaining which languages are included for clarity.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.devcontainer/CHANGELOG.md:
- Around line 8-10: The changelog bullets expose implementation details; rewrite
them to describe user-facing behavior for "Commit reminder": replace mentions of
internal flags and mechanisms (e.g., decision: "block", systemMessage,
<system-reminder>, PostToolUse) with clear user outcomes — e.g., state that the
Commit reminder no longer prevents stopping Claude and is now an advisory
suggestion, that it only suggests commits for substantive edits (explain
criteria in plain terms like "multiple files or source/test changes"), and that
it only appears when the session actually modified files; keep the phrasing
user-focused and concise.

---

Nitpick comments:
In @.devcontainer/CHANGELOG.md:
- Line 5: Consolidate the duplicate "### Fixed" headings in the "##
[Unreleased]" section into a single "### Fixed" block: move all individual fixed
entries under that one heading and group related items with "#### <area>"
sub-headings (e.g., backend, docs, devcontainer) so each former "### Fixed"
becomes a "####" subsection; ensure no other top-level duplicate "### Fixed"
headings remain in the file and preserve all existing bullet entries under the
new organized structure.

In
@.devcontainer/plugins/devs-marketplace/plugins/session-context/scripts/commit-reminder.py:
- Around line 21-28: SOURCE_EXTS currently omits some common language
extensions; update the frozenset named SOURCE_EXTS to include additional
extensions such as ".cs", ".swift", and ".php" (and any others relevant to your
codebase) so those files are treated as source code, and optionally add a short
comment above SOURCE_EXTS explaining which languages are included for clarity.

---

ℹ️ Review info

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b2261ed and 226ec94.

📒 Files selected for processing (7)

• .devcontainer/CHANGELOG.md
• .devcontainer/plugins/devs-marketplace/plugins/auto-code-quality/README.md
• .devcontainer/plugins/devs-marketplace/plugins/auto-code-quality/scripts/advisory-test-runner.py
• .devcontainer/plugins/devs-marketplace/plugins/session-context/README.md
• .devcontainer/plugins/devs-marketplace/plugins/session-context/hooks/hooks.json
• .devcontainer/plugins/devs-marketplace/plugins/session-context/scripts/collect-session-edits.py
• .devcontainer/plugins/devs-marketplace/plugins/session-context/scripts/commit-reminder.py

[AnExiledDev]

Review Summary

Reviewed 7 files (191+/28-) covering commit-reminder refactor, new edit-tracking hook, and test-runner tmp file fix.

Verified changes:

• New collect-session-edits.py PostToolUse hook — correctly appends edited file paths to session tmp file
• commit-reminder.py refactored from blocking (decision: "block") to advisory (systemMessage) — appropriate for stop hooks
• advisory-test-runner.py tmp file prefix fix (claude-edited-files → claude-cq-edited) — matches collect-edited-files.py prefix
• hooks.json updated with correct timeout values (3s for PostToolUse, 8s for Stop)

Fix applied: Set executable permission on collect-session-edits.py (100644 → 100755) for consistency with sibling scripts.

Issues found: None (file mode was functional since hooks invoke via python3, but inconsistent)
Verdict: Approved — rebased on main, merging.

[coderabbitai]

🧹 Nitpick comments (2)

.devcontainer/CHANGELOG.md (1)

13-13: Consider simplifying to focus on user outcome rather than implementation details.

While this entry does explain the impact, the tmp file prefix details are implementation specifics. A more user-focused version might be: "Advisory test runner now correctly detects edited files, fixing an issue that prevented it from running tests".

As per coding guidelines: "Write CHANGELOG entries from the user's perspective — what changed, not how it was implemented".

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In @.devcontainer/CHANGELOG.md at line 13, Update the CHANGELOG entry for
"Advisory test runner" to be user-focused: replace the implementation-detail
sentence that mentions tmp file prefixes (`claude-cq-edited`,
`claude-edited-files`) with a concise user-outcome statement such as "Advisory
test runner now correctly detects edited files, fixing an issue that prevented
it from running tests", ensuring the entry emphasizes the observed behavior
change rather than internal filenames.

.devcontainer/plugins/devs-marketplace/plugins/session-context/scripts/collect-session-edits.py (1)

33-38: Consider using a less predictable temp path (optional).

The static analyzer flags /tmp/claude-session-edits-{session_id} as potentially insecure (S108). While the risk is low here—data written is just file paths, not secrets, and this runs locally—a malicious local user could create a symlink at this path before the session starts, causing writes to go elsewhere.

If you want to harden this, you could use tempfile.gettempdir() combined with a random suffix, or create a session-specific subdirectory with restricted permissions. Given the advisory-only nature of this feature, this is optional.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In
@.devcontainer/plugins/devs-marketplace/plugins/session-context/scripts/collect-session-edits.py
around lines 33 - 38, The tmp_path construction using
"/tmp/claude-session-edits-{session_id}" is predictable and can be hijacked;
change the logic that builds tmp_path (where session_id and file_path are used)
to create a secure, unique temp location via tempfile (e.g., tempfile.mkdtemp or
tempfile.gettempdir() + a random suffix) or use a securely created file
(mkstemp) and ensure you set restricted permissions on the created file/dir;
update the block that opens/writes tmp_path to use that secure path and avoid
race conditions (use exclusive creation semantics where possible).

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In @.devcontainer/CHANGELOG.md:
- Line 13: Update the CHANGELOG entry for "Advisory test runner" to be
user-focused: replace the implementation-detail sentence that mentions tmp file
prefixes (`claude-cq-edited`, `claude-edited-files`) with a concise user-outcome
statement such as "Advisory test runner now correctly detects edited files,
fixing an issue that prevented it from running tests", ensuring the entry
emphasizes the observed behavior change rather than internal filenames.

In
@.devcontainer/plugins/devs-marketplace/plugins/session-context/scripts/collect-session-edits.py:
- Around line 33-38: The tmp_path construction using
"/tmp/claude-session-edits-{session_id}" is predictable and can be hijacked;
change the logic that builds tmp_path (where session_id and file_path are used)
to create a secure, unique temp location via tempfile (e.g., tempfile.mkdtemp or
tempfile.gettempdir() + a random suffix) or use a securely created file
(mkstemp) and ensure you set restricted permissions on the created file/dir;
update the block that opens/writes tmp_path to use that secure path and avoid
race conditions (use exclusive creation semantics where possible).

---

ℹ️ Review info

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 226ec94 and 607f19b.

📒 Files selected for processing (7)

• .devcontainer/CHANGELOG.md
• .devcontainer/plugins/devs-marketplace/plugins/auto-code-quality/README.md
• .devcontainer/plugins/devs-marketplace/plugins/auto-code-quality/scripts/advisory-test-runner.py
• .devcontainer/plugins/devs-marketplace/plugins/session-context/README.md
• .devcontainer/plugins/devs-marketplace/plugins/session-context/hooks/hooks.json
• .devcontainer/plugins/devs-marketplace/plugins/session-context/scripts/collect-session-edits.py
• .devcontainer/plugins/devs-marketplace/plugins/session-context/scripts/commit-reminder.py

🚧 Files skipped from review as they are similar to previous changes (1)

• .devcontainer/plugins/devs-marketplace/plugins/auto-code-quality/README.md